Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

What about typing the authenticator code, than waiting to the last few seconds of its valid
and then pressing enter ?
Should be much harder todo anything with this code in it's valid time...
Maybe Blizz adds somekind of 'traffic light' to their authenticator hard/software that indicates with
a green light when using your key is most safe.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

man-in-the-middle-attack

Also known as a replay attack.

I just learned about this in Cisco. Basically it means that the network that Blizzard/AT&T uses to run WoW on doesn't have their WAN connections secured, or at least not completely secured. This is usually remedied with authentication (pap, chap) being configured between routing devices within their network. Without authentcation/encryption measures in place, a hacker can intercept network traffic and modify it so that the receiving device will send information back to the hacker.

I'm just going for my vanilla CCNA, so that's all that was covered in the text.

I wouldn't be surprised if this was an inside job.

Now I see why my teacher said that CCNA Security certs are in high-demand. Without a doubt, the CCNA security goes in-depth with stuff like this.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Funny, unless i'm mistaken, the only place you can talk to darion(For the mount) would be in ebon hold? He might be in ICC, but if I remember, he's not with the rest of the lore characters at the entrance. Does this mean that the deathchargers are still Death Knight only?

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by Frozenbeef

People who don't use an authenticator because they are 100% safe without one are idiots

How so?

Is there even one pro-authenticator individual who's smart enough to grasp how herculean of a task it would be to produce and ship 11,5 million authenticators all over the world? Or that only about 1 million WoW players have smartphones?

Even if they shipped in Cataclysm boxes, the bulk (75%) of WoW accounts were purcharsed digitally. There simply will never be enough authenticators for all the players in the game for the next 2 years.

Might as well learn how to keep your computer safe now, which is a skill you'll undoubtedly need long after you stop playing the game, than having little devices hold your hand all the way through life.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by Frozenbeef

People who don't use an authenticator because they are 100% safe without one are idiots

Anyone who thinks they will ever be 100% safe (with or without an authenticator) is misguided. You are never 100% safe from being hacked if you are connected to the internet and your connection works at all.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

The thing with the authenticator hack though is that the person on the other end has to be constantly watching their computers for someone attempting to log in with an authenticator, then they get like 30 seconds to use your authenticator code.

The odds of this happening can be quite high but nowhere near as high as you being hacked without an authenticator.

It still increases your safety at login.

Just remember to do regular virus scans and grab something like SpyBot and scan on a regular basis with that as well.

It is ENTIRELY possible to get a trojan/keylogger without your even knowing. You don't always have to click something for it to install as don't forget, hackers are almost always one step ahead of any circumventions made.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

This is more of a network attack since the hacker had to hack into AT&T's WoW network to get the account info. Some folks are unfortunate victims, but I'm sure they have network technicians working around the clock to button up the network, wherever their weakness was. I'm sure when the attack was discovered, cellphones and pagers went off like crazy; especially when there's so many stakeholders involved (including you, the customer).

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by XemnasXD

I never considered keylogging a hack. I mean basically someone is downloading something bad onto there computer. Its not the the keylogger forced its way on there. Someone was stupid and careless so they got a keylogger and now someone has there authenticator whatever. Its nice that Bliz is aware of this and helping people out but you'd have to be beyond stupid to download something like this...

You do know it's possible to get a virus by visiting any site? MMO-Champion as well.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Why would you assume it's an inside job? It's not an interception from a Blizz machine to a Blizz machine, they're intercepting your battle.net email account information and password before it even gets to Blizz. On your local machine.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by SpicyM

Why would you assume it's an inside job? It's not an interception from a Blizz machine to a Blizz machine, they're intercepting your battle.net email account information and password before it even gets to Blizz. On your local machine.

The network that WoW runs on is managed by AT&T. I'm just saying it's a possibility.

A replay attack takes place on a WAN connection, so which WAN connection was compromised, the customer's or AT&T? How many accounts were compromised exactly?

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Except the "hack" all occured independent of their network. You get keylogger from website X. You type in your Username/Password on your local machine. You type in your authenticator code on your local machine. Keylogger redirects your traffic from going to Blizz and it goes to scriptkiddie. Scriptkiddie logs in with your information that you gave them. At no point did "you" ever even communicate with the Blizzard network. Blizz never even knew you tried to log in.

Edit: They may have seen a login attempt by you that fails to use a correct authenticator code, but again you failing to authenticate doesn't indicate a weakness in their network.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by Sickandtwistéd

Funny, unless i'm mistaken, the only place you can talk to darion(For the mount) would be in ebon hold? He might be in ICC, but if I remember, he's not with the rest of the lore characters at the entrance. Does this mean that the deathchargers are still Death Knight only?

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by SpicyM

Except the "hack" all occured independent of their network. You get keylogger from website X. You type in your Username/Password on your local machine. You type in your authenticator code on your local machine. Keylogger redirects your traffic from going to Blizz and it goes to scriptkiddie. Scriptkiddie logs in with your information that you gave them. At no point did "you" ever even communicate with the Blizzard network. Blizz never even knew you tried to log in.

Ok, I get what you're saying now, that makes sense. I'll remember that for the test. So it all boils down to people getting themselves infected with keyloggers again.